Date: Tue, 26 Apr 2022 11:37:47 +0100
From: Mark Rutland
To: Kees Cook
Cc: linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, akpm@linux-foundation.org, alex.popov@linux.com, catalin.marinas@arm.com, luto@kernel.org, will@kernel.org
Subject: Re: [PATCH 0/8] stackleak: fixes and rework
References: <20220425115603.781311-1-mark.rutland@arm.com> <202204251551.0CFE01DF4@keescook>

On Tue, Apr 26, 2022 at 11:10:52AM +0100, Mark Rutland wrote:
> On Mon, Apr 25, 2022 at 03:54:00PM -0700, Kees Cook wrote:
> > On Mon, Apr 25, 2022 at 12:55:55PM +0100, Mark Rutland wrote:
> > > This series reworks the stackleak code. The first patch fixes some
> > > latent issues on arm64, and the subsequent patches improve the code to
> > > improve clarity and permit better code generation.
> >
> > This looks nice; thanks! I'll put this through build testing and get it
> > applied shortly...
>
> Thanks!
>
> Patch 1 is liable to conflict with some other stacktrace bits that may go in
> for v5.19, so it'd be good if either that could be queued as a fix for
> v5.1-rc4, or we'll have to figure out how to deal with conflicts later.
>
> > > While the improvement is small, I think the improvement to clarity and
> > > code generation is a win regardless.
> >
> > Agreed.
> > I also want to manually inspect the resulting memory just to
> > make sure things didn't accidentally regress. There's also an LKDTM test
> > for basic functionality.
>
> I assume that's the STACKLEAK_ERASING test?
>
> I gave that a spin, but on arm64 that test is flaky even on baseline v5.18-rc1.
> On x86_64 it seems consistent after 100s of runs. I'll go dig into that now.

I hacked in some debug, and it looks like the sp used in the test is far above
the current lowest_sp. The test is slightly wrong since it grabs the address of
a local variable rather than using current_stack_pointer, but the offset I see
is much larger:

# echo STACKLEAK_ERASING > /sys/kernel/debug/provoke-crash/DIRECT
[   27.665221] lkdtm: Performing direct entry STACKLEAK_ERASING
[   27.665986] lkdtm: FAIL: lowest_stack 0xffff8000083a39e0 is lower than test sp 0xffff8000083a3c80
[   27.667530] lkdtm: FAIL: the thread stack is NOT properly erased!

That's off by 0x2a0 (AKA 672) bytes, and it seems to be consistent from run to
run.

I note that an interrupt occurring could cause similar (since on arm64 those are
taken/triaged on the task stack before moving to the irq stack, and the irq regs
alone will take 300+ bytes), but that doesn't seem to be the problem here given
this is consistent, and it appears some prior function consumed a lot of stack.

I *think* the same irq problem would apply to x86, but maybe that initial triage
happens on a trampoline stack.

I'll dig a bit more into the arm64 side...

Thanks,
Mark.
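Added example, not part of Mark's mail and not the kernel's code: a user-space model of the mechanism discussed above. It mirrors how stackleak lowers current->lowest_stack from instrumented function prologues, poisons the stack below that watermark on syscall exit, and how the LKDTM STACKLEAK_ERASING sanity check compares lowest_stack against the test's own sp. The real implementation lives in kernel/stackleak.c and drivers/misc/lkdtm/stackleak.c; the 16 KiB stack size, the 128-byte search depth, the frame sizes and the function names here are assumptions chosen for the model, and the poison value follows the kernel's STACKLEAK_POISON definition. The second scenario reproduces the shape of the failure in the log: a frame that went 0x2a0 bytes deeper than the test's frame earlier on the same syscall path, so lowest_stack ends up 672 bytes below the test's sp and the words under it are not poison.

```c
/*
 * Model of stackleak tracking/erasing and the LKDTM sanity check.
 * Assumptions (not kernel code): stack size, search depth, frame sizes.
 */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define THREAD_SIZE      16384UL                   /* assumed kernel stack size */
#define STACKLEAK_POISON ((unsigned long)-0xBEEF)  /* as in include/linux/stackleak.h */
#define SEARCH_DEPTH     128UL                     /* assumed STACKLEAK_SEARCH_DEPTH, bytes */
#define WORD             sizeof(unsigned long)

struct task {
    unsigned long stack[THREAD_SIZE / WORD];  /* the task's kernel stack; grows downward */
    unsigned long lowest_stack;               /* lowest sp seen since the last erase */
};

static unsigned long top_of(const struct task *t) { return (unsigned long)t->stack + THREAD_SIZE; }
static unsigned long end_of(const struct task *t) { return (unsigned long)t->stack; }

/* Model of stackleak_track_stack(): an instrumented prologue can only lower the watermark. */
static void track_stack(struct task *t, unsigned long sp)
{
    sp &= ~(WORD - 1);
    if (sp < t->lowest_stack && sp >= end_of(t) + WORD)
        t->lowest_stack = sp;
}

/* A function frame of `bytes` bytes at `sp`: it dirties its frame and gets tracked. */
static void enter_frame(struct task *t, unsigned long sp, unsigned long bytes)
{
    for (unsigned long p = sp; p < sp + bytes && p < top_of(t); p += WORD)
        *(unsigned long *)p = 0x4141UL;          /* arbitrary non-poison residue */
    track_stack(t, sp);
}

/*
 * Model of stackleak_erase() at syscall exit: walk down from lowest_stack until
 * SEARCH_DEPTH bytes of consecutive poison show the stack below is already clean,
 * poison everything from there up to the exiting sp, then reset the watermark.
 */
static void erase(struct task *t, unsigned long exit_sp)
{
    unsigned long p = t->lowest_stack, run = 0;
    while (p > end_of(t) && run <= SEARCH_DEPTH / WORD) {
        run = (*(unsigned long *)p == STACKLEAK_POISON) ? run + 1 : 0;
        p -= WORD;
    }
    if (p == end_of(t))
        p += WORD;                        /* the bottom word is reserved, never poisoned */
    for (; p < exit_sp; p += WORD)
        *(unsigned long *)p = STACKLEAK_POISON;
    t->lowest_stack = top_of(t) - THREAD_SIZE / 64;
}

/*
 * Model of the LKDTM sanity check: lowest_stack must not sit below the test's sp.
 * Returns 0 when it passes, else the number of bytes lowest_stack is lower by
 * (the offset the "is lower than test sp" FAIL line lets you compute).
 */
static unsigned long lowest_stack_shortfall(const struct task *t, unsigned long test_sp)
{
    return t->lowest_stack < test_sp ? test_sp - t->lowest_stack : 0;
}

/* True when every word below test_sp (except the reserved bottom word) is poison. */
static bool erased_below(const struct task *t, unsigned long test_sp)
{
    for (unsigned long p = test_sp - WORD; p > end_of(t); p -= WORD)
        if (*(unsigned long *)p != STACKLEAK_POISON)
            return false;
    return true;
}

/*
 * Scenario: a previous syscall went 1 KiB deep and was erased on exit. The next
 * syscall enters an instrumented caller, optionally a frame reaching prior_depth
 * bytes below the top that has already returned (a deep callee, or an interrupt
 * triaged on the task stack), and then the frame the test measures its sp in.
 * Returns the test's sp.
 */
static unsigned long setup_scenario(struct task *t, unsigned long test_depth, unsigned long prior_depth)
{
    unsigned long top;
    memset(t, 0, sizeof(*t));
    top = top_of(t);
    t->lowest_stack = top - THREAD_SIZE / 64;
    enter_frame(t, top - 1024, 1024);            /* previous syscall's deepest frame */
    erase(t, top - 128);                         /* ... erased on return to user space */
    enter_frame(t, top - 256, 128);              /* this syscall: an instrumented caller */
    if (prior_depth > 256)
        enter_frame(t, top - prior_depth, prior_depth - 256);
    enter_frame(t, top - test_depth, 64);        /* the test's frame */
    return top - test_depth;
}

static unsigned long scenario_shortfall(unsigned long test_depth, unsigned long prior_depth)
{
    static struct task t;
    unsigned long sp = setup_scenario(&t, test_depth, prior_depth);
    return lowest_stack_shortfall(&t, sp);
}

static bool scenario_erased(unsigned long test_depth, unsigned long prior_depth)
{
    static struct task t;
    unsigned long sp = setup_scenario(&t, test_depth, prior_depth);
    return erased_below(&t, sp);
}

int main(void)
{
    printf("clean path: shortfall %lu bytes, erased below sp: %s\n",
           scenario_shortfall(1024, 0), scenario_erased(1024, 0) ? "yes" : "no");
    printf("deep prior frame: shortfall %lu bytes, erased below sp: %s\n",
           scenario_shortfall(0x380, 0x380 + 0x2a0),
           scenario_erased(0x380, 0x380 + 0x2a0) ? "yes" : "no");
    return 0;
}
```

The model only tracks the watermark from frames that call track_stack, which is the point of the sanity check: if lowest_stack is found well below the test's sp, some frame deeper than the test was tracked on the same path and its residue sits exactly where the test expects poison. Whether that deeper frame is a large-framed function or interrupt triage on the task stack, as the mail considers for arm64, the model cannot tell you; it only shows why either produces the same FAIL.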